Solution
Please Install the Updated Packages.
Insight
A vulnerability has been found and corrected in libsoup:
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI (CVE-2011-2524).
The updated packages have been patched to correct this issue.
Affected
libsoup on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2,
Mandriva Linux 2010.1
Severity
Classification
-
CVE CVE-2011-2524 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities